mails.list

显示全部楼层 · 发表于 2008-8-7 19:43:51

下载地址：http://thehotcollegebabes.com/mails.list

显示全部楼层 · 发表于 2008-8-7 19:44:51

反病毒引擎	版本	最后更新	扫描结果
AhnLab-V3	2008.8.7.0	2008.08.07	-
AntiVir	7.8.1.19	2008.08.07	TR/Crypt.XPACK.Gen
Authentium	5.1.0.4	2008.08.07	-
Avast	4.8.1195.0	2008.08.06	Win32:JunkPoly
AVG	8.0.0.156	2008.08.07	Win32/Heur
BitDefender	7.2	2008.08.07	Packer.Malware.LDPinch.A
CAT-QuickHeal	9.50	2008.08.06	(Suspicious) - DNAScan
ClamAV	0.93.1	2008.08.07	-
DrWeb	4.44.0.09170	2008.08.07	BackDoor.IRC.Flood.8
eSafe	7.0.17.0	2008.08.06	Suspicious File
eTrust-Vet	31.6.6017	2008.08.07	-
Ewido	4.0	2008.08.07	-
F-Prot	4.4.4.56	2008.08.06	-
F-Secure	7.60.13501.0	2008.08.07	-
Fortinet	3.14.0.0	2008.08.07	-
GData	2.0.7306.1023	2008.08.07	Win32:JunkPoly
Ikarus	T3.1.1.34.0	2008.08.07	Trojan-PWS.Win32.LdPinch.bpj
K7AntiVirus	7.10.405	2008.08.07	-
Kaspersky	7.0.0.125	2008.08.07	Heur.Invader
McAfee	5355	2008.08.06	New Malware.bl
Microsoft	1.3807	2008.08.07	PWS:Win32/Ldpinch.BC
NOD32v2	3336	2008.08.07	-
Norman	5.80.02	2008.08.06	-
Panda	9.0.0.4	2008.08.06	Suspicious file
PCTools	4.4.2.0	2008.08.06	-
Prevx1	V2	2008.08.07	Malicious Software
Rising	20.56.32.00	2008.08.07	-
Sophos	4.31.0	2008.08.07	Sus/UnkPacker
Sunbelt	3.1.1537.1	2008.08.07	VIPRE.Suspicious
Symantec	10	2008.08.07	-
TheHacker	6.2.96.393	2008.08.04	-
TrendMicro	8.700.0.1004	2008.08.07	PAK_Generic.001
VBA32	3.12.8.2	2008.08.06	-
ViRobot	2008.8.7.1328	2008.08.07	-
VirusBuster	4.5.11.0	2008.08.06	-
Webwasher-Gateway	6.6.2	2008.08.07	Trojan.Crypt.XPACK.Gen

附加信息

File size: 16072 bytes

MD5...: 9ad0350581152b0fd269e1ecefa2765b

SHA1..: 690863b0183aa0825c879ade903ec638871547a9

SHA256: 3f968517cf2e36cc2b1992adffcb0b5d389cc4cafd85af69d67b57e75bef2896

SHA512: 55a396800a05efff74849db3f9d4463390fd2e5420476fe426b4d824dc112837
0f6d403f2552e6340b8e9bf90ae0f31fc75f2c55e16ffae880ef03304dfa2b16

PEiD..: -

PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x408f14
timedatestamp.....: 0x4899ea49 (Wed Aug 06 18:15:37 2008)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
0x1000 0x5000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
0x6000 0x2000 0x1c00 7.72 928bdac095e74b5421a8b02dee13877d
0x8000 0x3000 0x1ec8 6.98 194bad5403e8c41da4bb55434146f3fd

( 0 imports )

( 0 exports )

Prevx info: http://info.prevx.com/aboutprogr ... 0A1B0BD4900C14868C6

packers (F-Prot): Crypol

显示全部楼层 · 发表于 2008-8-7 20:45:23

TO KL

显示全部楼层 · 发表于 2008-8-7 20:48:18

to lab

显示全部楼层 · 发表于 2008-8-7 21:43:58

金山 0

显示全部楼层 · 发表于 2008-8-7 21:45:05

报壳啊报壳

显示全部楼层 · 发表于 2008-8-7 22:22:38

nis2008 0个

显示全部楼层 · 发表于 2008-8-7 22:27:49

nis pass，蜘蛛报后门

显示全部楼层 · 发表于 2008-8-7 22:29:26

显示全部楼层 · 发表于 2008-8-8 15:49:48

2008/8/8 15:48:29 已清除木马程序 Heur.Invader G:\Temp\Virus\mails.rar
2008/8/8 15:48:29 已隔离木马程序 Heur.Invader G:\Temp\Virus\mails.rar/mails.list

[病毒样本] mails.list

结果: 18/36 (50%)

ArcaVir2008, F-Prot 4.4.4,NVC 5.99